Blog

Spy school dropout: GCHQ intern jailed for swiping classified data

Student 'believed he could finish' software dev 'project alone and therefore that the rules did not apply to him' A former GCHQ intern was jailed for seven-and-a-half years for stealing top-secret files during a year-long placement at the British intelligence agency.…

Cyber weapons in the Israel-Iran conflict may hit the US

With Tehran’s military weakened, digital retaliation likely, experts tell The Reg The current Israel–Iran military conflict is taking place in the era of hybrid war, where cyberattacks amplify and assist missiles and troops, and is being waged between two countries with very capable destructive cyber weapons.…

Do you trust Xi with your ‘private’ browsing data? Apple, Google stores still offer China-based VPNs, report says

Some trace back to an outfit under US export controls for alleged PLA links Both Apple's and Google's online stores offer free virtual private network (VPN) apps owned by Chinese companies, according to researchers at the Tech Transparency Project, and they don't make this fact readily known to…

Apple fixes zero-click exploit underpinning Paragon spyware attacks

Zero-day potentially tied to around 100 suspected infections in 2025 and a spyware scandal on the continent Apple has updated its iOS/iPadOS 18.3.1 documentation, confirming it introduced fixes for the zero-click vulnerability used to infect journalists with Paragon's Graphite spyware.…

Wanted: Junior cybersecurity staff with 10 years’ experience and a PhD

Infosec employers demanding too much from early-career recruits, says ISC2 Cybersecurity hiring managers need a reality check when it comes to hiring junior staff, with job adverts littered with unfair expectations that are hampering recruitment efforts, says industry training and cert issuer ISC2.…

Slapped wrists for Financial Conduct Authority staff who emailed work data home

It was one of the offenders' final warning Four staffers at the UK's Financial Conduct Authority (FCA) were let off with warnings over separate cases involving the transmission of regulator data to their personal email accounts.…

Ransomware scum disrupted utility services with SimpleHelp attacks

Good news: The vendor patched the flaw in January. Bad news: Not everyone got the memo Ransomware criminals infected a utility billing software providers' customers, and in some cases disrupted services, after exploiting unpatched versions of SimpleHelp’s remote monitoring and management (RMM) tool, according to a Thursday CISA…

‘Major compromise’ at NHS temping arm exposed gaping security holes

Incident responders suggested sweeping improvements following Active Directory database heist Exclusive  Cybercriminals broke into systems belonging to the UK's NHS Professionals body in May 2024, stealing its Active Directory database, but the healthcare organization never publicly disclosed it, The Register can reveal.…

DeepSeek installer or just malware in disguise? Click around and find out

'BrowserVenom' is pure poison Suspected cybercriminals have created a fake installer for Chinese AI model DeepSeek-R1 and loaded it with previously unknown malware called "BrowserVenom".…

Hire me! To drop malware on your computer

FIN6 moves from point-of-sale compromise to phishing recruiters In a scam that flips the script on fake IT worker schemes, cybercriminals posing as job seekers on LinkedIn and Indeed are targeting recruiters - a group hated only slightly less than digital crooks - with malware hosted on phony…

Copyright © 2026 Lugapel